An approach to cyber defense that concentrates on detection and mitigation of cyber risks in cyber-relevant (near-real) time. Active Cyber Defense involves placing sensors on one’s own networks, and then automating detection, analysis, reverse engineering, and mitigation to reduce the need for human intervention. Information may be automatically shared, machine-to-machine, among cooperating enterprises. Active Cyber Defense involves no intrusion into hostile or non-cooperating networks or systems, but focuses entirely on the defended networks, and is thus not to be confused with active defense.